Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '8b026be83eeb5a184b16a52e44ee9069' = '"%TEMP%\betawindowstestV1.exe" ..'
- [<HKLM>\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] '8b026be83eeb5a184b16a52e44ee9069' = '"%TEMP%\betawindowstestV1.exe" ..'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%TEMP%\betawindowstestV1.exe" "betawindowstestV1.exe" ENABLE
- %TEMP%\betawindowstestv1.exe
- 'be######owsx001.ddns.net':9864
- DNS ASK be######owsx001.ddns.net
- '%TEMP%\betawindowstestv1.exe'
- '%WINDIR%\syswow64\netsh.exe' firewall add allowedprogram "%TEMP%\betawindowstestV1.exe" "betawindowstestV1.exe" ENABLE' (with hidden window)